<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:rtc="http://microsoft.com/officenet/conferencing" xmlns:D="DAV:" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:mt="http://schemas.microsoft.com/sharepoint/soap/meetings/" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ppda="http://www.passport.com/NameSpace.xsd" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcs="http://schemas.microsoft.com/data/udc/soap" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:udcp2p="http://schemas.microsoft.com/data/udc/parttopart" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:dsss="http://schemas.microsoft.com/office/2006/digsig-setup" xmlns:dssi="http://schemas.microsoft.com/office/2006/digsig" xmlns:mdssi="http://schemas.openxmlformats.org/package/2006/digital-signature" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:spwp="http://microsoft.com/sharepoint/webpartpages" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:pptsl="http://schemas.microsoft.com/sharepoint/soap/SlideLibrary/" xmlns:spsl="http://microsoft.com/webservices/SharePointPortalServer/PublishedLinksService" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<title>Cisco 871 - Voice over DMVPN</title>
<style>
<!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p
        {mso-style-priority:99;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
span.EmailStyle18
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page Section1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
        {page:Section1;}
/* List Definitions */
@list l0
        {mso-list-id:1025012892;
        mso-list-template-ids:-1673616978;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'>Matt,<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'>I’d
also be interested in ideas from others regarding this setup. We are currently
using ASA 5505’s for our remote IP phone users but have not run into bandwidth
issues yet with only 7 of them. Do you do any policing or Traffic
Shaping outbound on your 871W remote routers? That might offer some short
term relief from remote users with large Internet pipes. <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'>Your
first idea (2 </span><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'>DMVPN
tunnels) – seems plausible but also seems like more work and maintenance.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'>The
second idea (ASA proxy) seems like a solution that is picking up steam. I
also like the fact that it will simplify the remote setup since you don’t
require a router or ASA.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'>Here
is a link to an article I recently saw on ASA proxy.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
<p class=MsoNormal><a href="http://www.networkworld.com/community/node/42488">http://www.networkworld.com/community/node/42488</a><o:p></o:p></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Arial","sans-serif"'>Carlos<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
cisco-voip-bounces@puck.nether.net [mailto:cisco-voip-bounces@puck.nether.net] <b>On
Behalf Of </b>Matthew Linsemier<br>
<b>Sent:</b> Wednesday, July 29, 2009 11:18 AM<br>
<b>To:</b> cisco-voip@puck.nether.net<br>
<b>Subject:</b> [cisco-voip] Cisco 871 - Voice over DMVPN<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:11.0pt;
font-family:"Calibri","sans-serif"'>Hey all,<br>
<br>
I’m throwing this out again to see if anyone can offer some assistance.
If I should post in the DMVPN forum, I can do so as well, but I figured I
would start here.<br>
<br>
I am in the process of refreshing my Cisco 871 router configurations (5th build
now ) and I was looking for some input in regards to maintaining my voice
quality the best I can over the Internet. I have been doing voice over
IPSec for the last 5-6 years and it seems like it never gets easier. :)<br>
<br>
Right now we have about 35 users deployed remotely using Cisco 871W routers and
Cisco 7960 phones behind them. They are connected to two DMVPN hubs (for
redundancy). We have voice prioritized (among other items) within the
Tunnels and all works as expected (utilizing priority queues, qos pre-classify,
etc.). <br>
<br>
With the increase in home user bandwidth (10 meg / 12 meg) we are starting to
notice congestion on our 6 meg Internet link when large amounts of data is sent
or received over the tunnel Interfaces, which in the end causes congestion,
which in turn effects call quality. We utilize PacketShaper’s on
the internet links to prioritize IPSec traffic, but when all the traffic is
IPSec traffic, there are issues. <br>
<br>
I am looking into some possibilities of removing the voice traffic to maintain
call quality at all costs, and I have come up with a few ideas.</span><o:p></o:p></p>
<ol start=1 type=1>
<li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
mso-list:l0 level1 lfo1'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif"'>Creating
two DMVPN tunnels, one that carries only voice, and the other that carries
the rest of the data, and then using the PacketShaper to guarantee
bandwidth to the DMVPN tunnel that carries voice above all other data. </span><o:p></o:p></li>
<li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;
mso-list:l0 level1 lfo1'><span style='font-size:11.0pt;font-family:"Calibri","sans-serif"'>Pulling
the voice traffic out of the tunnel and using PhoneProxy on the
ASA’s then utilizing PacketShaper to guarantee bandwidth to the srtp
session above all other data.</span><o:p></o:p></li>
</ol>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif"'><br>
If anyone can throw out some pros and cons to either of these ideas, I would
like to hear them. Also, if anyone knows of a better appliance for
managing QoS at the Internet level other than the PacketShaper, I would like to
hear that as well (outside of Cisco IOS QoS).<br>
<br>
Thanks in advance,<br>
<br>
Matt </span><o:p></o:p></p>
<div class=MsoNormal align=center style='text-align:center'><span
style='font-size:7.5pt;font-family:"Arial","sans-serif";color:gray'>
<hr size=2 width="100%" align=center>
</span></div>
<p><span style='font-size:7.5pt;font-family:"Arial","sans-serif";color:gray'>CONFIDENTIALITY
STATEMENT<br>
This communication and any attachments are CONFIDENTIAL and may be protected by
one or more legal privileges. It is intended solely for the use of the
addressee identified above. If you are not the intended recipient, any use,
disclosure, copying or distribution of this communication is UNAUTHORIZED.
Neither this information block, the typed name of the sender, nor anything else
in this message is intended to constitute an electronic signature unless a
specific statement to the contrary is included in this message. If you have
received this communication in error, please immediately contact me and delete
this communication from your computer. Thank you.</span><span style='color:
gray'> </span><o:p></o:p></p>
<div class=MsoNormal align=center style='text-align:center'><span
style='color:gray'>
<hr size=2 width="100%" align=center>
</span></div>
</div>
</body>
</html>